[VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability

George A. Theall theall at tenablesecurity.com
Wed Jun 13 18:30:24 UTC 2007

On 06/13/07 14:00, str0ke wrote:

> Are you sure that authentication is needed for this to be exploitable?

No, it's not. The admin just needs to tweak permissions so that 
anonymous users have access to it.

theall at tenablesecurity.com

More information about the VIM mailing list